openSUSE Security Update : kernel (kernel-1097)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The openSUSE 11.1 kernel was updated to fix various bugs and several
security issues. It was also updated to the stable release 2.6.27.25.

Following security issues were fixed: CVE-2009-1961: A local denial of
service problem in the splice(2) system call was fixed.

CVE-2009-1389: A crash on r8169 network cards when receiving large
packets was fixed.

CVE-2009-1385: Integer underflow in the e1000_clean_rx_irq function in
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux
kernel, the e1000e driver in the Linux kernel, and Intel Wired
Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a
denial of service (panic) via a crafted frame size.

CVE-2009-1630: The nfs_permission function in fs/nfs/dir.c in the NFS
client implementation in the Linux kernel, when atomic_open is
available, does not check execute (aka EXEC or MAY_EXEC) permission
bits, which allows local users to bypass permissions and execute
files, as demonstrated by files on an NFSv4 fileserver

See also :

https://bugzilla.novell.com/show_bug.cgi?id=185164
https://bugzilla.novell.com/show_bug.cgi?id=191648
https://bugzilla.novell.com/show_bug.cgi?id=395775
https://bugzilla.novell.com/show_bug.cgi?id=439775
https://bugzilla.novell.com/show_bug.cgi?id=450658
https://bugzilla.novell.com/show_bug.cgi?id=475149
https://bugzilla.novell.com/show_bug.cgi?id=476525
https://bugzilla.novell.com/show_bug.cgi?id=476822
https://bugzilla.novell.com/show_bug.cgi?id=478462
https://bugzilla.novell.com/show_bug.cgi?id=481074
https://bugzilla.novell.com/show_bug.cgi?id=484716
https://bugzilla.novell.com/show_bug.cgi?id=485768
https://bugzilla.novell.com/show_bug.cgi?id=487247
https://bugzilla.novell.com/show_bug.cgi?id=491802
https://bugzilla.novell.com/show_bug.cgi?id=493214
https://bugzilla.novell.com/show_bug.cgi?id=495065
https://bugzilla.novell.com/show_bug.cgi?id=495091
https://bugzilla.novell.com/show_bug.cgi?id=497341
https://bugzilla.novell.com/show_bug.cgi?id=497648
https://bugzilla.novell.com/show_bug.cgi?id=498358
https://bugzilla.novell.com/show_bug.cgi?id=498369
https://bugzilla.novell.com/show_bug.cgi?id=499152
https://bugzilla.novell.com/show_bug.cgi?id=499278
https://bugzilla.novell.com/show_bug.cgi?id=499845
https://bugzilla.novell.com/show_bug.cgi?id=500429
https://bugzilla.novell.com/show_bug.cgi?id=501396
https://bugzilla.novell.com/show_bug.cgi?id=501651
https://bugzilla.novell.com/show_bug.cgi?id=502675
https://bugzilla.novell.com/show_bug.cgi?id=502903
https://bugzilla.novell.com/show_bug.cgi?id=503353
https://bugzilla.novell.com/show_bug.cgi?id=503635
https://bugzilla.novell.com/show_bug.cgi?id=503855
https://bugzilla.novell.com/show_bug.cgi?id=505578
https://bugzilla.novell.com/show_bug.cgi?id=506361
https://bugzilla.novell.com/show_bug.cgi?id=507557
https://bugzilla.novell.com/show_bug.cgi?id=509071
https://bugzilla.novell.com/show_bug.cgi?id=509544
https://bugzilla.novell.com/show_bug.cgi?id=509822
https://bugzilla.novell.com/show_bug.cgi?id=511243
https://bugzilla.novell.com/show_bug.cgi?id=514644
https://bugzilla.novell.com/show_bug.cgi?id=516213
https://bugzilla.novell.com/show_bug.cgi?id=516827

Solution :

Update the affected kernel packages.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 40360 ()

Bugtraq ID:

CVE ID: CVE-2009-1385
CVE-2009-1389
CVE-2009-1630
CVE-2009-1961

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now